Introducing sonar-alloweddependencies-plugin

Around a year ago I published part 2 of this series, providing an approach for restricting the dependencies which could be downloaded through a Nexus repository server.

One struggle that became obvious when trying to implement this approach at scale is that you are required to approve all the transitive dependencies down the chain too. NPM projects especially become unreasonable to maintain quickly. As an example one of my pretty basic Homebridge plugins has a total of 15 dependencies between dependencies and devDependencies - after deduplication the dependency tree has more than 800 items. That is not maintainable through Nexus content selectors.

A different approach, which does not prevent downloading, is to integrate checks into the code quality analysis performed by SonarQube. There are no rules built in to do this though, so a custom plugin was required.

» Continue reading

Revisiting Selective Code Generation from OpenAPI Specifications

I have now moved fully to using the openapi-generator for generating code from OpenAPI specifications, instead of the “official” swagger-codegen. This fork, by some of the original maintainers, has a much more active community & development pace over the original project. My PR to improve tag support in swagger-codegen is still sitting with no activity more than 6 months on.

Using tags as part of generation has been supported for all JAX-RS based generators as of version 5 of openapi-generator. I am using this through through the maven plugin, which correctly integrates with maven to add generated sources to the sources paths. We use this with the generate goal linked to the maven lifecycle so code generation is performed in every build of the project, so we can be sure that the code in the produced artefact reflects the specification in the repository.

The maven plugin has very detailed documentation with all the configuration options available for it, but going into this it is worth noting that some of the terminology is different between the two forks of the plugin. This is reflected in the documentation. Individual generators are documented here.

» Continue reading

Raspberry Pi Imager 1.6 Brings Advanced Configuration

The new advanced options screen, accessible with the ctrl-shift-x key sequence, includes some common options for setting the hostname, WiFi credentials, user authentication details and enabling SSH at the point of imaging a storage device.

While this currently only works for Pi OS, it is a great step forward for headless setup.

The full details are in the Raspberry Pi announcement blog post.

How I Configure Pi-hole Without the UI

I run two Pi-hole instances for redundancy and needed an approach to keep some configuration consistent between the two instances.

There is a utility, gravity-sync, that can automate the sync between a primary instance and secondary instances, but I wanted to keep it simple as I don’t apply changes too often. I also wanted to still be able to set up a new instance with my existing configuration without needing to have one already working.

The two main things I need to keep in sync are:

  1. Custom DNS entries. I run Traefik as a load balancer in front of services running in Docker to provide HTTPS, and also so services have their own DNS names instead of needing to remember which port a specific service runs on
  2. Whitelist configuration, as there are some hosts on the default block lists that I need to be accessible

» Continue reading

Raspberry Pi USB Boot with JMS578 Based USB-to-SATA Enclosures

During the festive holiday period a part of one of the projects I have been working on involved moving my home automation setup from a Raspberry Pi 3B+ to a Raspberry Pi 4B 4GB. As part of this, I wanted to switch from using an SD card to booting from an SSD for improved performance.

I already had spare parts lying around which would be reused for this.

After using the Raspberry Pi Imager to provision the SSD with Raspberry Pi OS Lite, mounting the boot partition to add the ssh file, and connecting the enclosure to one of the USB 3 ports on the Pi it wouldn’t boot. After a bit of digging I found a workaround to get this working.

» Continue reading